Best Buy has apparently been deactivating some of its users' accounts and notifying the owners about it via email.

"We are currently investigating increased attempts by hackers around the world to access accounts on BestBuy.com and other online retailersí e-commerce sites," it says in the email.

"These hackers did not take username / password combinations from any Best Buy system; they appear to be using combinations taken elsewhere in an attempt to gain access to BestBuy.com accounts."

According to the email, the recipients have had their account accessed by hackers, and Best Buy reacted by disabling the password and asking the users to reset it.

Even though the email looks pretty legitimate, some users have expressed their worry that it might not be. After all, they included a direct link that supposedly takes the user to the password reset page - a technique often used by phishers.

Some of the most savvy users have refrained from following it, choosing instead to access their accounts via the usual login page.

Some of them also apparently managed to get in with the old password, making them doubt the legitimacy of the email. Also, it seems that Best Buy has still not officially acknowledged the problem, which increased the users' suspicions.

Other users followed the link, reset the password, logged in with the new password and preemptively deleted the credit card information contained in the account.

"I do not use the same password across different websites which makes me believe that Best Buy has a larger security breach on their hands compared to what they said," commented one of the users whose account has been breached.

Spotlight

By working with the DevOps team, you can ensure that the production environment is more predictable, auditable and more secure than before. The key is to integrate your security requirements into the DevOps pipeline.

A critical vulnerability in ANTlabs InnGate devices, a popular Internet gateway for visitor-based networks and commonly installed in hotels and convention centers, has been discovered. The flaw could allow an attacker to monitor or tamper with traffic to and from any hotel WiFi user's connection.

In this interview, Raj Samani, VP and CTO EMEA at Intel Security, talks about successful information security strategies aimed at the critical infrastructure, government challenges, the role of regulation, and more.